Systems and methods for authentication via bluetooth device

ABSTRACT

A system and/or method is provided to implement authentication via Bluetooth devices. In particular, a user&#39;s Bluetooth device, such as a smart phone, may be registered to be used for automatic authentication for an online user account. When the user is attempting to log onto the online user account at a user device, such as a laptop, the user device may detect that the user&#39;s Bluetooth device is in proximity to the user device and the user may be logged into the online user account at the user device automatically. Thus, the user may be logged into the online user account seamlessly without requiring the user to input credentials, such as user name and/or password.

BACKGROUND

1. Technical Field

The present invention generally relates to systems and methods forauthentication via one or more Bluetooth devices.

2. Related Art

Various online websites rely on user names and passwords to authenticateusers who wishes to access the respective user accounts provided bythese websites. With the increasing use of electronic commerce, a usermay have a plurality of different online accounts. As such, it maybecome difficult for the user to remember all the different combinationsof user names and passwords for these different online accounts.Moreover, it may be tedious and inconvenient for the user having toenter user names and passwords every time he or she wishes to access anonline account. Thus, there is a need for a system or method provides animproved process for authenticating users.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is block diagram of a networked system suitable for implementingauthentication via a Bluetooth device according to an embodiment.

FIG. 2 is a flowchart showing a process for setting up a user accountfor authentication via a Bluetooth device according to one embodiment.

FIG. 3 is a flowchart showing a process for authentication via aBluetooth device according to one embodiment.

FIG. 4 is a block diagram of a computer system suitable for implementingone or more components in FIG. 1 according to one embodiment.

Embodiments of the present disclosure and their advantages are bestunderstood by referring to the detailed description that follows. Itshould be appreciated that like reference numerals are used to identifylike elements illustrated in one or more of the figures, whereinshowings therein are for purposes of illustrating embodiments of thepresent disclosure and not for purposes of limiting the same.

DETAILED DESCRIPTION

According to an embodiment, a system and/or method may be provided toimplement authentication via a Bluetooth device. In particular, a user'sBluetooth device, such as a smart phone, may be used for automaticauthentication for an online user account. When the user is attemptingto access the online user account at a user device, such as a laptop,the user device may detect that the user's Bluetooth device is inproximity (e.g., in communication range) to the user device and the usermay be logged into the online user account on the user deviceautomatically. Thus, the user may be logged into the online user accountseamlessly without requiring the user to input credentials, such as username and/or password.

In an embodiment, the user's Bluetooth device may first be registered atan authentication server. A set of private and public keys may begenerated at the Bluetooth device. The public key may be registered andstored at the authentication server. When user authentication isrequired at the user device, the user device may detect whether theBluetooth device is in proximity. A session ID issued from theauthentication server may be passed from the user device to theBluetooth device and the session ID may be encrypted at the Bluetoothdevice using the private key. The encrypted session ID is then sent backto the authentication server via the user device. The authenticationserver may decrypt the encrypted session ID with the public key. If thedecrypted session ID matches the session ID initially issued by theauthentication server, the user is automatically logged in at the userdevice without requiring the user to enter user name and/or password.

In an embodiment, a combination of different Bluetooth devices may bedesignated for automatic authentication. As such, when the combinationof the different Bluetooth devices are in proximity to or are pairedwith the user device, the user may automatically be authenticated at theuser device. In another embodiment, different Bluetooth devices may bedesignated for automatic authentication at different user accounts. Forexample, a first Bluetooth device or a first combination of Bluetoothdevices may be designated for automatic authentication for the user'spersonal account while a second Bluetooth device or a second combinationof Bluetooth devise may be designated for automatic authentication forthe user's work account.

In an embodiment, multiple users with multiple Bluetooth devices may beassociated with the same account or the same user device. As such, whenmore than one user is in proximity to the user device, theauthentication server may determine whether to log in the usersautomatically based on the type of user account. For example, ifmultiple users are associated with one shared user account, theauthentication server may allow the users associated with the account tolog in automatically as long as at least one of the users are inproximity. In another example, if multiple users share the same userdevice, e.g., personal computer, by each have a different account at theuser device, the authentication server may not automatically log in anyuser when more than one user is in proximity and may require one of theusers to log in manually, e.g., by entering user name and password, toensure the correct user is log into the correct user account at the userdevice.

In an embodiment, authentication via Bluetooth may be implemented forproviding automatic authentication for other applications ortransactions. For example, the user may be automatically authenticatedfor a payment transaction or for accessing certain applications, such asa banking application on the user's device. In another example, theauthentication via a Bluetooth device may be used to log the user into acomputer or a mobile device, without requiring the user to enter a PINcode. In still another example, the authentication via a Bluetoothdevice may be used to authenticate the user for entry into vehicles,buildings, restricted areas, public/private events, and the like. Inother embodiments, Near-Field Communication (NFC), such as WiFi,Radio-Frequency Identification (RFID), or the like, also may beimplemented for automatic authentication.

FIG. 1 is a block diagram of a networked system 100 configured toimplement a process for authentication via a Bluetooth device inaccordance with an embodiment of the invention. Networked system 100 maycomprise or implement a plurality of servers and/or software componentsthat operate to perform various payment transactions or processes.Exemplary servers may include, for example, stand-alone andenterprise-class servers operating a server OS such as a MICROSOFT® OS,a UNIX® OS, a LINUX® OS, or other suitable server-based OS. It can beappreciated that the servers illustrated in FIG. 1 may be deployed inother ways and that the operations performed and/or the servicesprovided by such servers may be combined or separated for a givenimplementation and may be performed by a greater number or fewer numberof servers. One or more servers may be operated and/or maintained by thesame or different entities.

System 100 may include a user device 110, a Bluetooth device 140, and anauthentication server 170 in communication over a network 160.Authentication server 170 may be maintained by a merchant or an internetcompany that provides service, content, or products to consumers orusers. A user 105, such as a consumer, may utilize user device 110 toaccess certain content or service offered at the authentication server170. For example, user 105 may utilize user device 110 to visit a website provided by the authentication server 170 to browse for contents orservices offered at the application server 170. Although only oneauthentication server is shown, a plurality of authentication serversmay be utilized.

User device 110, Bluetooth device 140, and authentication server 170 mayeach include one or more processors, memories, and other appropriatecomponents for executing instructions such as program code and/or datastored on one or more computer readable mediums to implement the variousapplications, data, and steps described herein. For example, suchinstructions may be stored in one or more computer readable media suchas memories or data storage devices internal and/or external to variouscomponents of system 100, and/or accessible over network 160. Network160 may be implemented as a single network or a combination of multiplenetworks. For example, in various embodiments, network 160 may includethe Internet or one or more intranets, landline networks, wirelessnetworks, and/or other appropriate types of networks.

User device 110 may be implemented using any appropriate hardware andsoftware configured for wired and/or wireless communication over network160. For example, in one embodiment, the user device may be implementedas a personal computer (PC), a smart phone, wearable device, laptopcomputer, and/or other types of computing devices capable oftransmitting and/or receiving data, such as an iPad™ or an iPhone™ fromApple™.

User device 110 may include one or more browser applications 115 whichmay be used, for example, to provide a convenient interface to permituser 105 to browse information available over network 160. For example,in one embodiment, browser application 115 may be implemented as a webbrowser configured to view information available over the Internet, suchas a user account for online shopping and/or merchant sites for viewingand purchasing goods and services. User device 110 may also include oneor more toolbar applications 120 which may be used, for example, toprovide client-side processing for performing desired tasks in responseto operations selected by user 105. In one embodiment, toolbarapplication 120 may display a user interface in connection with browserapplication 115.

User device 110 also may include other applications to performfunctions, such as email, texting, voice and IM applications that allowuser 105 to send and receive emails, calls, and texts through network160, as well as applications that enable the user to communicate,transfer information, or make transactions.

User device 110 may include one or more user identifiers 130 which maybe implemented, for example, as operating system registry entries,cookies associated with browser application 115, identifiers associatedwith hardware of user device 110, or other appropriate identifiers, suchas used for payment/user/device authentication. In one embodiment, useridentifier 130 may be used to associate user 105 with a particularaccount at the authentication server 170. A communications application122, with associated interfaces, enables user device 110 to communicatewithin system 100. User device 110 may include applications forimplementing Near Field Communication (NFC), such as Bluetoothcommunication. For example, user device 110 may include applications forpairing the user device 110 with one or more Bluetooth devices toimplement Bluetooth communication.

Bluetooth device 140 may have one or more similar components as that ofuser device 110. In particular, Bluetooth device 140 may be a mobiledevice, such as a smart phone or a Bluetooth dongle, which may becarried by the user 105. As such, the presence of the Bluetooth device140 may represent a presence of the user 105. The Bluetooth device 140may include applications for implementing Bluetooth communication withother nearby devices. The Bluetooth device 140 may be associated withthe user's account and registered at the authentication server 170.

Authentication server 170 may be maintained, for example, by a merchantor an online company which may provide content, services, or softwareproducts that may be viewed, utilized, or installed at consumer'scomputing devices. Authentication server 170 may store informationrelated to user accounts 180. For example, various users may beregistered at the authentication server 170 to utilize content orservice provided by the authentication server 170. Authentication server170 may store various account information 185 associated with each useraccount. The account information may include private information ofusers such as account numbers, passwords, device identifiers, usernames, phone numbers, credit card information, bank information, orother financial information, Account information may also include usagehistory and user ratings. Authentication server 170 may include otherapplications 124 such as an authenticator configured to authenticateusers. Authentication server 170 also may include a security applicationconfigured to encrypt/decrypt data information to provide securedcommunication and transfer of data.

FIG. 2 is a flowchart showing a process for setting up a user accountfor authentication via Bluetooth device according to one embodiment. Atstep 202, a user account may be registered at the authentication server170. For example, the user 105 may set up a user account at theauthentication server 170 to receive content or services from theauthentication server 170. The user 105 may first download a Bluetoothauthentication application from the authentication server 170 to theBluetooth device 140. The Bluetooth authentication application may beconfigured to implement authentication via Bluetooth. The applicationalso may implement content or services from the authentication server170. During registration, the user 105 may provide various personalinformation to the authentication serve 170, such as user name,password, address, contact information, account settings userpreferences, and the like. The user 105 also may indicate whether theuser wishes to utilize authentication via Bluetooth in user preferences.

At step 204, the Bluetooth device 140 may generate a unique set ofpublic and private keys for encryption. The encryption may facilitatesecured communication to and from the Bluetooth device 140. Thepublic/private key set may be a type of asymmetric cryptography. Theprivate key and the public key may be associated mathematically. Theprivate key may be used to encrypt data for secured data communication.The public key may be given to other devices that receive the encrypteddata to decrypt the encrypted data. In an embodiment, the private/publickey set may be generated at the Bluetooth device 140, such that theprivate key is kept at the Bluetooth device 140 and the public key isforwarded to the authentication server 170. In another embodiment, theprivate/public key set may be generated at the authentication server170, such that the private key is kept at the authentication server 170and the public key is forwarded to the Bluetooth device 140. In anembodiment, a unique set of private/public keys may be generated foreach account or device on which the user 105 is to be authenticated.

At step 206, the user 105 may first log into the user account at theauthentication server 170 to set up the automatic login options. Theuser 105 may selectively turn on or off the automatic login option. Theuser 105 also may designate one or more Bluetooth devices that maytrigger the automatic login. Further, the user 105 may designatedevices, websites, accounts, or other settings for using automatic loginvia Bluetooth. For example, the user 105 may designate an account at theauthentication server 170 that is to be automatically logged in usingthe Bluetooth device 140. The Bluetooth device 140 or the device ID ofthe Bluetooth device 140 may be associated with this account. Thus, theauthentication server 170 may determine which account is to be logged inautomatically when the Bluetooth device 140 is in proximity.

In some embodiments, multiple Bluetooth devices may be associated withone account for automatic authentication. For example, when any one ofthe designated Bluetooth devices is present, the account mayautomatically be logged in. In another example, the account mayautomatically be logged in when all of the designated Bluetooth devicesare present. In still another example, the account may automatically belogged in when only one of the designated Bluetooth devices is present.In an embodiment, a certain combination of Bluetooth devices inproximity may trigger automatic login for a certain account. Forexample, when the user 105's smart phone and smart watch are present, apersonal email account may automatically be logged in at the user device110. In another example, when the user 105's smart phone and work laptopare present, a work email account may automatically be logged in. Thus,the user may set up different combinations of Bluetooth devices forautomatic login of different accounts or devices.

At step 208, the Bluetooth device 140 may be paired with the user device110 via Bluetooth communication. In an embodiment, the Bluetooth device140 may subsequently be automatically paired with the user device 110when the Bluetooth device 140 is in proximity to the user device 110. Atstep 210, the public key generated for the account or the device may beforwarded from the Bluetooth device 140 to the authentication server170. The authentication server 170 may store and associate the publickey with the Bluetooth device that generated the public key.

By the process 200, automatic authentication may be set up for anaccount at the authentication server 170. In particular, a unique set ofprivate/public keys may be generated for secured communication forauthenticating the user 105. The user 105 also is allowed to designateone or more Bluetooth devices that may trigger the automaticauthentication of the account. Further, the user is allowed to set howthe automatic authentication is triggered.

FIG. 3 is a flowchart showing a process for authentication via Bluetoothdevice according to one embodiment. At step 302, the authenticationserver 170 may receive a request to access an account at theauthentication server 170. For example, the user 105 may use a browserat the user device 110 to visit a website that allows the user 105 tolog into the user 105's account at the authentication server 170. Atstep 304, the authentication server 170 may provide an interface for theuser 105 to log in. For example, the authentication server 170 may senda webpage to the user device 110 that includes fields for the user 105to enter credentials, such as user name and/or password, forauthentication.

The authentication server 170 may generate a session ID which isforwarded to the user at the user device 110 along with the logininterface. The session ID may be unique to the login session and mayidentify the particular session the user is about to log in. A newsession ID may be generated and used for each time the user 105 accessesthe user's account. As such, the authentication server 170 may be ableto keep track of the different sessions of account accesses. The sessionID may have an expiration time, such as 5 minutes or 10 minutes. Whenthe session ID has expired, the account access may end and the user 105may automatically be logged out of the account. In an embodiment, theauthentication server 170 may keep the session ID alive when the user105 continues to access the account, e.g., continuing user activities inthe account. As such, the session ID may expire or the account accessmay time out when the user 105 is inactive for a predetermined amount oftime.

At step 306, the user device 110 may detect or determine Bluetoothdevices paired with the user device 110. In an embodiment, theauthentication interface sent from the authentication server 170 mayinclude instructions for the user device 110 to search for Bluetoothdevices configured for automatic authentication. For example, the loginwebpage may include programming code, such as Javascript, that triggersthe user device 110 to search for the Bluetooth device 140. Inparticular, the user device 110 may be paired with one or more Bluetoothdevices. The user device 110 may search for a paired Bluetooth devicethat has a Bluetooth service ID designated for authentication. Forexample, the Bluetooth device 140 may be paired with the user device 110having a Bluetooth service ID designated for automatic authenticationwhile other Bluetooth devices paired with the user device 110 may haveother service IDs for other functions, such as audio output, mouseinput, and the like. As such, the user device 110 may determine whetherany Bluetooth devices with the authentication service ID is currentlypaired with the user device 110.

At step 308, if there is one or more Bluetooth devices with theauthentication service ID paired with the user device 110, the userdevice 110 may forward the session ID issued from the authenticationserver 170 to the Bluetooth device 140, which is paired with the userdevice for the purpose of automatic authentication. In some embodiments,more than one Bluetooth devices may be paired with the user device 110for automatic authentication. In this case, the user device 110 may sendthe session ID to each of the paired Bluetooth devices that aredesignated for automatic authentication. At step 310, the Bluetoothdevice 140 may receive the session ID and may encrypt the session IDwith the private key previously created for automatic authentication. Insome embodiments, multiple Bluetooth devices may receive the session ID.In this case, each of the multiple Bluetooth devices may encrypt thesession ID with each of the Bluetooth devices' own unique private key.

At step 312, the Bluetooth device 140 or the multiple Bluetooth devicesmay send the encrypted session ID back to the user device 110. In anembodiment, the encrypted session ID may be included with a Bluetoothdevice ID of the Bluetooth device that encrypted the session ID. Assuch, in the case that the session ID is encrypted by multiple Bluetoothdevices, it may be determined which encrypted session ID is encrypted bywhich Bluetooth device. At step 314, the user device 110 may send theencrypted session ID to the authentication server 170.

At step 316, the authentication server 170 may receive the encryptedsession ID from the user device 110 and may decrypt the encryptedsession ID. In particular, the authentication server 170 may determinethe public key for decrypting the session ID based on the device ID ofthe user device 110 or the device ID of the Bluetooth device includedwith the encrypted session ID. For example, based on the device ID ofthe user device 110, the authentication server 170 may determine theuser account that is associated with the user device 110. The useraccount may indicate one or more Bluetooth devices and their respectivepublic keys for decrypting the encrypted session ID. In an embodiment,the device ID of the Bluetooth device may be used to find the public keyassociated with the Bluetooth device that encrypted the session ID.After identifying the public key, the authentication server 170 maydecrypt the encrypted session ID using the identified public key.

At step 318, the authentication server 170 may match the decryptedsession ID with the session ID, which was originally issued from theauthentication server 170. If the decrypted session ID matches theoriginally issued session ID, the authentication server 170 mayautomatically authenticate or log in the user 105 at the user device 110at step 320. As such, the user 105 may access the user account withouthaving to enter credentials, such as user name and/or password. On theother hand, if the decrypted session ID does not match the originallyissued session ID or if no encrypted session ID is received from theuser device 110, the authentication server 170 may require the user toenter credentials at the user device 110 to gain access to the useraccount at step 322.

In some embodiments, the user 105 may set up various requirements forautomatic authentication. For example, automatic authentication mayrequire the presence of a specific combination of Bluetooth devices. Theuser 105 may be automatically authenticated at the user device 110 whenthe user 105's smart phone and the user 105's smart watch are both inproximity and paired with the user device 110. In this case, the sessionID issued from the authentication server 170 may be encrypted by boththe user 105's smart phone and smart watch using their respectiveprivate keys. The authentication server 170 may receive two encryptedsession IDs, one encrypted by the smart phone and one encrypted by thesmart watch. The authentication server 170 may decrypt these twoencrypted session IDs respectively using the smart phone's public keyand the smart watch's public key. When both of the decrypted sessionID's match the originally issued session ID, the authentication server170 may allow automatic authentication at the user device 110.

In an embodiment, different combination of Bluetooth devices may triggerautomatic authentication for different user accounts. For example, whenthe user's smart watch and smart phone are present at the user device110, the authentication server 170 may automatically log the user 105into the user 105's personal email account. When the user's work phoneand smart watch are present at the user device 110, the authenticationserver 170 may automatically log the user 105 into the user 105's workemail account. As such, the user 105 may designate differentcombinations of Bluetooth devices for automatic authentication ofdifferent accounts.

In an embodiment, based on the type of account, the authenticationserver 170 may determine whether to implement automatic authenticationwhen more than one Bluetooth devices are present at the user device 110.For example, an account may be shared by multiple users. When one ormore of the Bluetooth devices associated with the multiple users of theshared account are present at the user device 110, the authenticationserver 170 may implement automatic authentication regardless of which ofthe multiple users is present. In another example, a computer may beshared by multiple users each with his/her own unique user account. Assuch, when multiple users are detected at the computer, theauthentication server 170 may not implement automatic authentication,such that an account is not accessed by a wrong user.

In an embodiment, the Bluetooth signal strength from different Bluetoothdevices may be used to determine which Bluetooth device or which user islocated closest to the user device 110. As such, the correct useraccount may be determined for the correct user based on how close theusers are to the user device 110. For example, the account of the userlocated closest to the user device 110 may automatically beauthenticated assuming the user located closest to the user device 110is at the user device 110 attempting to access the user account.

In an embodiment, the user 105 may be allowed to set a distance rangewithin which the automatic authentication is to be implemented. Forexample, the user 105 may want to be automatically authenticated onlywhen the user 105 is located directly at the user device 110. As such,the automatic authentication may be implemented when the Bluetoothsignals received from the user 105's Bluetooth device 140 is verystrong. When the Bluetooth signals received from the user 105'sBluetooth device 140 is weak, the user 105 may not be automaticallyauthenticated. This may ensure that the user 105's account is notaccessed by others when the user 105 is not directly located at the userdevice 110. In an embodiment, certain locations may be designated forautomatic login, such as the user's home or the user's work place. Forexample, the user device 110 or the Bluetooth device 140 may include aGlobal Positioning System (GPS) device or other location sensor. Whenthe user device 110 or the Bluetooth device 140 is within a designatedlocation, based on the location detected by the GPS device, the userdevice 110 or the Bluetooth device 140 may implement automatic login. Assuch, the user 105 may designate certain familiar locations where theuser 105 may be automatically log into an account or a device.

The above processes 200 and 300 for automatic authentication viaBluetooth devices may allow the user 105 to quickly and conveniently login or gain access to an account at the user device 110 when one or moreof the user 105's Bluetooth devices are in proximity to and paired withthe user device 110. Thus, the user 105 may be automatically log intothe user's account without having to enter credentials, such as username and/or password. In particular, the automatic authenticationprocess may utilize the encryption and decryption of a session IDbetween the Bluetooth device 140 and the authentication server 170 toauthenticate the user 105 automatically.

The automatic authentication via Bluetooth process may be implementedfor access to other applications or devices besides user accounts at theuser device 110. In an embodiment, the process may be implemented forautomatically logging the user into a device, such as a computer. Forexample, a computer, such as a laptop, a desktop, a mobile device, orthe like may require a user name and/or a password or a PIN to gainaccess to the device. The user 105 may register the device at theauthentication server 170 to use automatic authentication via aBluetooth device. The user 105 may designate one or more Bluetoothdevices, the presence of which may trigger automatic authentication foraccess to the device. When the designated Bluetooth device is inproximity and be paired with the device, the authentication server 170may automatically authenticate and allow the user to access the devicewithout entering credentials, such as password and/or user name. Assuch, various devices, such as smart phones, wearable devices, variouscomputing devices, and the like, may be unlocked using the automaticauthentication via Bluetooth.

In an embodiment, the authentication via a Bluetooth process may beimplemented for unlocking a vehicle. For example, a vehicle, such as acar, a boat, a bike, or any transportation vehicle, may require a key togain access or start the vehicle. The user 105 may register the vehicleat the authentication server 170 to use automatic authentication via aBluetooth device. The user 105 may designate one or more Bluetoothdevices, the presence of which may trigger automatic authentication foraccess to the vehicle. The vehicle may include a communication deviceconfigured to communicate and be paired with the Bluetooth device. Thecommunication device of the vehicle also may communicate with theauthentication server 170 via the network 160. When the designatedBluetooth device is in proximity and paired with the vehicle, theauthentication server 170 may automatically authenticate and allow theuser to access or start the vehicle without requiring a key. As such,various vehicles may be unlocked or accessed using the automaticauthentication via Bluetooth.

In an embodiment, the authentication via Bluetooth process may beimplemented for gaining entry into a building or unlocking a door or agate. For example, an access point, such as a door to a house, a door toan office building, a gate to an area, or other physical access pointmay require a user to provide a key or certain credentials, such aspasscode, to gain access or unlock. The user 105 may register the accesspoint at the authentication server 170 to use automatic authenticationvia a Bluetooth device. The user 105 may designate one or more Bluetoothdevices the presence of which may trigger automatic authentication foraccess through the access point. The access point may be equipped with acommunication device configured to communicate and be paired with theBluetooth device. The communication device of the access point also maycommunicate with the authentication server 170 via the network 160. Whenthe designated Bluetooth device is in proximity and paired with thedevice, the authentication server 170 automatically authenticate andallow the user to access the access point without keys or credentials,such as password and/or user name. As such, various access points, suchas doors or gates, may be unlocked using the automatic authenticationvia Bluetooth.

FIG. 4 is a block diagram of a computer system 400 suitable forimplementing one or more embodiments of the present disclosure. Invarious implementations, the user device may comprise a personalcomputing device (e.g., smart phone, a computing tablet, a personalcomputer, laptop, wearable device, Bluetooth device, key FOB, badge,etc.) capable of communicating with the network. The merchant and/orpayment provider may utilize a network computing device (e.g., a networkserver) capable of communicating with the network. It should beappreciated that each of the devices utilized by users, merchants, andpayment providers may be implemented as computer system 400 in a manneras follows.

Computer system 400 includes a bus 402 or other communication mechanismfor communicating information data, signals, and information betweenvarious components of computer system 400. Components include aninput/output (I/O) component 404 that processes a user action, such asselecting keys from a keypad/keyboard, selecting one or more buttons orlinks, etc., and sends a corresponding signal to bus 402. I/O component404 may also include an output component, such as a display 411 and acursor control 413 (such as a keyboard, keypad, mouse, etc.). Anoptional audio input/output component 405 may also be included to allowa user to use voice for inputting information by converting audiosignals. Audio I/O component 405 may allow the user to hear audio. Atransceiver or network interface 406 transmits and receives signalsbetween computer system 400 and other devices, such as another userdevice, a merchant server, or a payment provider server via network 360.In one embodiment, the transmission is wireless, although othertransmission mediums and methods may also be suitable. A processor 412,which can be a micro-controller, digital signal processor (DSP), orother processing component, processes these various signals, such as fordisplay on computer system 400 or transmission to other devices via acommunication link 418. Processor 412 may also control transmission ofinformation, such as cookies or IP addresses, to other devices.

Components of computer system 400 also include a system memory component414 (e.g., RAM), a static storage component 416 (e.g., ROM), and/or adisk drive 417. Computer system 400 performs specific operations byprocessor 412 and other components by executing one or more sequences ofinstructions contained in system memory component 414. Logic may beencoded in a computer readable medium, which may refer to any mediumthat participates in providing instructions to processor 412 forexecution. Such a medium may take many forms, including but not limitedto, non-volatile media, volatile media, and transmission media. Invarious implementations, non-volatile media includes optical or magneticdisks, volatile media includes dynamic memory, such as system memorycomponent 414, and transmission media includes coaxial cables, copperwire, and fiber optics, including wires that comprise bus 402. In oneembodiment, the logic is encoded in non-transitory computer readablemedium. In one example, transmission media may take the form of acousticor light waves, such as those generated during radio wave, optical, andinfrared data communications.

Some common forms of computer readable media includes, for example,floppy disk, flexible disk, hard disk, magnetic tape, any other magneticmedium, CD-ROM, any other optical medium, punch cards, paper tape, anyother physical medium with patterns of holes, RAM, PROM, EEPROM,FLASH-EEPROM, any other memory chip or cartridge, or any other mediumfrom which a computer is adapted to read.

In various embodiments of the present disclosure, execution ofinstruction sequences to practice the present disclosure may beperformed by computer system 400. In various other embodiments of thepresent disclosure, a plurality of computer systems 400 coupled bycommunication link 418 to the network (e.g., such as a LAN, WLAN, PTSN,and/or various other wired or wireless networks, includingtelecommunications, mobile, and cellular phone networks) may performinstruction sequences to practice the present disclosure in coordinationwith one another.

Where applicable, various embodiments provided by the present disclosuremay be implemented using hardware, software, or combinations of hardwareand software. Also, where applicable, the various hardware componentsand/or software components set forth herein may be combined intocomposite components comprising software, hardware, and/or both withoutdeparting from the spirit of the present disclosure. Where applicable,the various hardware components and/or software components set forthherein may be separated into sub-components comprising software,hardware, or both without departing from the scope of the presentdisclosure. In addition, where applicable, it is contemplated thatsoftware components may be implemented as hardware components andvice-versa.

Software, in accordance with the present disclosure, such as programcode and/or data, may be stored on one or more computer readablemediums. It is also contemplated that software identified herein may beimplemented using one or more general purpose or specific purposecomputers and/or computer systems, networked and/or otherwise. Whereapplicable, the ordering of various steps described herein may bechanged, combined into composite steps, and/or separated into sub-stepsto provide features described herein.

The foregoing disclosure is not intended to limit the present disclosureto the precise forms or particular fields of use disclosed. As such, itis contemplated that various alternate embodiments and/or modificationsto the present disclosure, whether explicitly described or impliedherein, are possible in light of the disclosure. Having thus describedembodiments of the present disclosure, persons of ordinary skill in theart will recognize that changes may be made in form and detail withoutdeparting from the scope of the present disclosure. Thus, the presentdisclosure is limited only by the claims.

What is claimed is:
 1. A system comprising: a memory storing an accountof a user; and one or more processors in communication with the memoryand adapted to: determine whether a Bluetooth device of the user ispaired with a user device of the user; and authenticating the user onthe user device automatically without requiring entry of credentials bythe user based on whether the Bluetooth device of the user is pairedwith the user device.
 2. The system of claim 1, wherein the one or moreprocessors are further adapted to: receive an authentication request ofthe user from the user device; and send an authentication interface,which is configured to receive authentication credentials of the user,to the user at the user device
 3. The system of claim 2, wherein theauthentication interface includes instructions for the user device todetect whether the Bluetooth device of the user is paired with the userdevice.
 4. The system of claim 2, wherein the one or more processors arefurther adapted to: generate a session ID to be associated theauthentication request; send the session ID to the user device; receivean encrypted session ID encrypted with a private key at the Bluetoothdevice; decrypt the encrypted session ID with a public key previouslyreceived from the Bluetooth device; match the decrypted session ID withthe session ID sent to the user device; and authenticate the user at theuser device based on whether the decrypted session ID matches thesession ID sent to the user device.
 5. The system of claim 4, whereinthe one or more processors are further adapted to authenticate the userautomatically without requiring the user to enter credentials when thedecrypted session ID matches the session ID sent to the user device. 6.The system of claim 4, wherein the one or more processors are furtheradapted to require the user to enter credentials for authentication atthe user device when the decrypted session ID does not match the sessionID sent to the user device.
 7. The system of claim 4, wherein thesession ID is unique to an access session based from the authenticationrequest.
 8. The system of claim 7, wherein the access session expiresafter the user is inactive at the account for a predetermine amount oftime.
 9. The system of claim 4, wherein the encrypted ID includes adevice ID of the Bluetooth device, and wherein the public key fordecrypting the encrypted ID is selected based on the device ID of theBluetooth device.
 10. The system of claim 1, wherein the Bluetoothdevice is paired with the user device with a Bluetooth service IDdesignated for authentication.
 11. A method comprising: determining, bya hardware processor, whether one or more Bluetooth devices of a userare paired with a user device of the user; and authenticating, by thehardware processor, the user at the user device automatically withoutrequiring entry of credentials by the user based on whether the one ormore Bluetooth device of the user are paired with the user device. 12.The method of claim 11, wherein a combination of a first Bluetoothdevice and a second Bluetooth device are designated for automaticauthentication of the user; and wherein the method further comprisesauthenticating the user at the user device automatically withoutrequiring entry of credentials by the user when both the first and thesecond Bluetooth devices are paired with the user device.
 13. The methodof claim 11, wherein a first Bluetooth device is designated forautomatic authentication of the user and a second Bluetooth device isdesignated for automatic authentication of another user; and wherein themethod further comprises authenticating the user at the user deviceautomatically without requiring entry of credentials by the user whenthe first Bluetooth device is paired with the user device and the secondBluetooth device is not paired with the user device.
 14. The method ofclaim 11, wherein a first Bluetooth device is designated for automaticauthentication of the user and a second Bluetooth device is designatedfor automatic authentication of another user; and wherein the methodfurther comprises: detecting Bluetooth wireless signal strengths of thefirst Bluetooth device and the second Bluetooth device at the userdevice; and authenticating one of the user and the another userautomatically without requiring entry of credentials based on whetherthe first Bluetooth device or the second Bluetooth device has a greaterBluetooth wireless signal strength.
 15. The method of claim 11, whereina first Bluetooth device of the user and a second Bluetooth device ofanother user are both designated for automatic authentication of ashared account shared by the user and the another user; and wherein themethod further comprises authenticating the shared account automaticallywithout requiring entry of credentials when one or both of the firstBluetooth device and the second Bluetooth device are paired with theuser device.
 16. The method of claim 11, wherein a first combination ofBluetooth devices is designated for automatic authentication of the userfor a first user account and a second combination of Bluetooth devicesis designated for automatic authentication of the user for a second useraccount; and wherein the method further comprises: authenticating theuser for the first user account automatically without requiring entry ofcredentials when the first combination of Bluetooth devices are pairedwith the user device; and authenticating the user for the second useraccount automatically without requiring entry of credentials when thesecond combination of Bluetooth devices are paired with the user device;17. A non-transitory computer-readable medium comprising instructionswhich, in response to execution by a computer system, cause the computersystem to perform a method comprising: detecting a presence of a user bydetecting a Bluetooth device of the user; and authenticating the userautomatically without requiring entry of credentials by the user basedon whether the Bluetooth device of the user is detected.
 18. Thenon-transitory computer-readable medium of claim 17, whereinauthentication of the user unlocks a vehicle.
 19. The non-transitorycomputer-readable medium of claim 17, wherein authentication of the userunlocks a computing device.
 20. The non-transitory computer-readablemedium of claim 17, wherein authentication of the user unlocks aphysical access to a structure.